Paypal phishing scam nets 1100 in 72 hours.


RedjackRyan
05-11-2006, 08:45 AM
details and examples of the e-mail are at:

http://www.dslreports.com/forum/remark,16050890

Cardiffgal
05-11-2006, 09:07 AM
When they wanted my SS number I knew it was a scam!

Chet
05-11-2006, 09:11 AM
I've gotten emails from PayPal telling me a new email address has been added to my account, please confirm, etc. But when I hover the mouse over the link, I see that it doesn't go to the PayPal site, so I know it's not the real thing.

A funny thing about these emails is I'm receiving them at addresses not registered with PayPal.

Amy in Vermont
05-11-2006, 09:32 AM
Because I DO have a PayPal account, and an eBay account, whenever an email "from" them comes in, I read the email header. The header gives me the address and domain of the originating server. 99% of the time, it does not come from the supposed originating domain. If it does, I may read the message, but NEVER click the link. I will use the shortcuts I have in my browser instead.

I pay a large percentage of my bills on line. The outfit to whom I owe money sends me an email when the bill is due. Again, I never click the links, I use my own shortcuts. So far, so good.

A

If you don't know how to read a header here's how: http://community.middlebury.edu/~aehoffma/emailheaders.htm

RedjackRyan
05-11-2006, 09:42 AM
Ahh.. you three get the coveted gold star for computer security awareness!


I'm still amazed that these things rope in folks, after all that's been said and reported about phishing and online scams in general... you'd think folks would be more aware.

Cardiffgal
05-11-2006, 10:17 AM
Very helpful.

Green Monkey
05-11-2006, 11:36 AM
details and examples of the e-mail are at: http://www.dslreports.com/forum/remark,16050890

Thanks RedJack.

This may be the best PayPal phish I have yet seen. In the first spam letter, the phishers appear to say 'Dear Firstname Lastname', which if true, is a significant step forward for PayPal phishing spams. This form of salutation, using the target's actual full name, is the same salutation used by PayPal itself, and in fact, all previous PayPal phishing spams I have seen start with the greeting 'Dear PayPal customer' which is *never* how PayPal addresses its customers (so PayPal says anyway).

When getting such emails from businesses with whom you have a business relationship, it's always a good plan to navigate to their site directly and not use any links from an email. Or if you have to use the email links, do so carefully and recognize that the human-readable link text is not necessarily the same as the actual link URL. So always examine these if you feel you have to use them (use the Properties dialog by right mousing the link in IE).

Once you navigate to such a page, look for several things. First, find some empty space on the page in question, right mouse on it and bring up the Properties dialog for the page (again this is in IE, in FF it's View Page Info). Examine the page address in the Properties dialog or Page Info dialog. If it does NOT match the page address in the Address bar of your browser, then the page is probably (almost certainly) Fraudulent and you are done. Additionally, from the Properties dialog, you can view the Certificate for the page and determine if it's ok or not. Lesson here is, NEVER trust the Address bar in the browser, because it can be made to say anything a hacker wants it to, if they are clever enough. Having said that, if you look at the page here: http://www.dslreports.com/speak/slideshow/16050890?c=1005449&ret=L2ZvcnVtL3JlbWFyaywxNjA1MDg5MA%3D%3D the Address bar there should be a dead giveaway, since instead of the PayPal.com domain after the http protocol, there is the hardcoded IP address of 211.233.66.55 which is the ACTUAL IP address of the domain where this http session will resolve at (this is very sloppy of the hackers, btw).

The rest of the phishing pages are very clever in that they, behind the scenes, actually validate your login and other information using the PayPal sites (without you ever knowing that they are doing that, puppetmaster-style). This part of their phish/hack is first rate it seems from the report, but I did not go out and try it myself to verify that. :-P

Be careful out there folks. Remember, you cannot expect to have security without actually intending to be secure, security does not happen just by accident.

GM :)

Amy in Vermont
05-11-2006, 01:11 PM
Ahh.. you three get the coveted gold star for computer security awareness!

Shoot, Ben, I'm honored! But then, if I don't get a gold star for computer security, I shouldn't be working this job!:D

RedjackRyan
05-11-2006, 01:16 PM
Point taken Amy :) Wish you worked for my company, they need someone that really knows what's going on up there in corporate security.

DaveM
05-11-2006, 01:17 PM
I too am astonished that anyone is taken in by these....I get a couple every day and they've become so familiar that they simply get flushed unread. Over the years, I believe PayPal has needed to contact me twice. On both occasions, the e-mails asked me to log into my PayPal account and sort things out, NOT to click on a link.

The "phishing" e-mails that amuse me most purport to come from banks where I don't even have an account. Have been half-tempted to click on those, make up a name, account number, etc., and let them see how far it gets them....then again, lord only knows what sort of garbage those sites install on your computer, so I'd better not.

Dee
05-11-2006, 03:23 PM
Your account has been flagged!
PayPal Security Measures.

Dear PayPal Member,

Your account has been randomly flagged in our system as a part of our routine security measures. This is a must to ensure that only you have access and use of your Paypal account and to ensure a safe PayPal experience. We require all flagged accounts to verify their information on file with us. To verify your information at this time, please visit our secure server webform by clicking the hyperlink below:

Click here to verify your Information

If you choose to ignore our request, you leave us no choice but to temporarily suspend your account.



Yes, please do you &%^$# morons, go ahead and suspend my non-existent account. LOL

mixtymotions
05-11-2006, 05:01 PM
I always forward those emails to spoof@paypal.com

Same goes for the letters I receive threatening to terminate my eBay account - I forward those to spoof@ebay.com

Any correspondence generated from Pay Pal or eBay will ALWAYS refer to you by your first and last name - the phishing mails refer to you as "Pay Pal customer" or "eBay customer".

*WHOOPS!* Thanks, Green Monkey, for the heads up about the sophistication of these thieves now using first & last names!! That's REALLY scary!

Yeah, the chances of anyone ever actually getting caught and appropriately punished are slim to none, but even if only one of these bandits is punished, it's a good start!

mixtymotions
05-11-2006, 09:47 PM
Just got a phishing message containing this text:

If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.

Proper spelling might improve their chances of reeling in the bigger fish....

AceOn6
05-12-2006, 11:18 AM
I never open anything purporting to be from PayPal, Amex or Chase anymore. Instead, I just log in directly every two weeks when I pay my other bills to make sure that everything is kosher.

DaveM
05-12-2006, 12:35 PM
Another variant that I get fairly often purports to be a PayPal receipt for some huge amount of money for an item I did not purchase. I am expected, of course, to click on the handy link to dispute the charge. But I never do. A fair number of these must come from the same source, as most claim I just bought an Omega watch for $395. I do wish they'd explain why they'd ever expect me to trade in my Rolex....

Dee
05-13-2006, 03:11 AM
Oh goody. I just got another one the very same in my e-mail.

Some people just can't seem to take no for an answer. LOL

Kathleen Brogan
05-30-2006, 09:25 PM
Hi there guys! I have installed an eBay toolbar on my internet page. It has a feature that lets you know that you're not being visited by an eBay or PayPal site. I was fooled once, a couple of years ago. Some guy with a UK IP took over my seller account and began listing fake laptops and other extravagant electronic items with my account. eBay fixed it all within 24 hours, but I was sweating it. Now, when I get one of their requests for information, I say that my user name is gotohell and my password is biteme!

DaveM
05-30-2006, 11:11 PM
I've had my eBay account attacked twice--on the first occasion, someone listed a snowmobile on my account, on the second, eBay notified me (and yes, it was a genuine notification) that my password had been "compromised". I now change it regularly and with any luck there will be no repeat performances.

No idea what the motive of such people could possibly be. Apart from being the eBay equivalent of writing nasty words on walls, I suppose it could be the work of unhappy customers (of whom I have had mercifully few). I do recall a seller who attempted to rip me off and when called on it threatened to start other accounts using my information and list fictitious items (he apparently actually did this to others). I simply forwarded his communications to eBay and he vanished from the scene.

One cannot help but wonder at a world in which there are so many people with so few productive uses for their time.